CVE-2019-11003

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-11003

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11003.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2019-11003

Aliases

GHSA-7752-f4gf-94gc

Published

2019-04-08T18:29:00.380Z

Modified

2025-11-20T10:55:24.780452Z

Severity

6.1 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator

Summary

[none]

Details

In Materialize through 1.0.0, XSS is possible via the Autocomplete feature.

References

https://github.com/Dogfalo/materialize/issues/6286

Affected packages

Git / github.com/dogfalo/materialize

Affected ranges

Type: GIT
Repo: https://github.com/dogfalo/materialize
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

80e8ed370487aaf1e2185b028f7deda40da94eb9

Affected versions

1.*

1.0.0

1.0.0-alpha.1

1.0.0-alpha.2

1.0.0-alpha.3

1.0.0-alpha.4

1.0.0-beta

1.0.0-rc.1

1.0.0-rc.2

v0.*

v0.100.0

v0.100.1

v0.62

v0.68

v0.69

v0.81

v0.82

v0.9

v0.91

v0.92.0

v0.92.1

v0.93.0

v0.93.1

v0.94.0

v0.94.1

v0.94.2

v0.95.0

v0.95.1

v0.95.2

v0.95.3

v0.96.0

v0.96.1

v0.97.0

v0.97.1

v0.97.2

v0.97.3

v0.97.4

v0.97.5

v0.97.6

v0.97.7

v0.97.8

v0.98.0

v0.98.1

v0.98.2

v0.99.0

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-11003.json"